You can either enable or disable the sensitive log and
trace guard to help control whether loggers write sensitive information
in your log and trace files.
About this task
Administrators using WebSphere® Application
Server can prevent sensitive information, such as data provided from
users in HTTP requests, from being written in log and trace files.
In some cases, when having access to private data can help with debugging,
you might want to disable sensitive log and trace guard. For example,
you might see that a credit card number that was entered in a web
form did not have the required number of digits.
Sensitive
log and trace guard works by preventing administrators from enabling
certain loggers to levels at which they are known to log or trace
sensitive information.
Use the administrative console to enable
or disable the sensitive log and trace guard.
Procedure
- Log on to the administrative console.
- If you are using an administrative agent topology, then
select a node that you want to manage, and navigate to it.
- From the navigation section in the console, choose Troubleshooting > Logs
and trace.
- Select the server that you want to enable or disable with
sensitive log and trace guard.
- Click Change log detail levels.
- Select the Disable logging and tracing of potentially
sensitive data check box to enable sensitive log and trace
guard. To disable sensitive log and trace guard, clear the Disable
logging and tracing of potentially sensitive data check
box.
- Click OK
- Save the changes.
Results
After you enable sensitive log and trace guard, the server
is now configured to prevent known sensitive loggers from writing
sensitive content to the log and trace files. After you disable sensitive
log and trace guard, the server is now configured to allow known sensitive
loggers to write sensitive content to the log and trace files. If
you completed these steps using the deployment manager, you might need to
synchronize the node agent on the target node before restarting the
server.